Incidents

Live incident clusters built from shared CVEs, sources, and event signals.

vulnerability open 6 articles

Drupal SQL Injection Exploit: Critical Flaw Exploited in the Wild with Public PoC

The page reports on two critical vulnerabilities actively exploited today: CVE-2022-0492, related to improper authentication in the Linux Kernel, and CVE-2025-48595, an integer overflow vulnerability in the Android Framework. Access to the detailed vulnerability report requires support from the reader, encouraging contributions via platforms like PayPal and…

Jun 2, 2026 Jun 3, 2026
vulnerability open 5 articles

CISA adds LiteSpeed cPanel flaw CVE-2026-48172 to KEV catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added the LiteSpeed cPanel Plugin flaw, identified as CVE-2026-48172, to its Known Exploited Vulnerabilities catalog. This critical vulnerability (CVSS score of 10.0) affects versions prior to 2.4.5 and allows privilege escalation to potentially root access. It originates from poor…

May 23, 2026 May 28, 2026
incident open 12 articles

Moxa Linux Flaw Lets Local Users Gain Root Access via Dirty Frag

Moxa has issued a critical security advisory (MPSA-263140) concerning vulnerabilities in its Linux-based operating systems that allow local attackers to gain root privileges. The weaknesses are identified as 'Copy Fail' (CVE-2026-31431) and 'Dirty Frag' (CVE-2026-43284, CVE-2026-43500). The advisory underscores the risks in non-containerized…

May 1, 2026 May 27, 2026
vulnerability open 6 articles

Drupal SQL Injection Bug Exploited Live, Extortion Tactics Surge

The Security Affairs newsletter Round 578, authored by Pierluigi Paganini, highlights significant cybersecurity incidents and threats. Key points include a critical SQL injection flaw in Drupal (CVE-2026-9082) currently under attack, the rise of pure extortion in cybercrime over traditional ransomware, and arrests related to the Kimwolf botnet. The…

May 21, 2026 May 24, 2026
breach open 2 articles

Police Shut Down First VPN, Arrest Admin in Ukraine, Aid Europol

An international operation led by France and the Netherlands dismantled First VPN, a cybercriminal service used by ransomware operators. Bitdefender supported the investigation, helping to expose numerous individuals associated with cybercrime. The operation involved the dismantling of 33 servers and the seizure of primary domains, with the administrator…

May 21, 2026 May 21, 2026
vulnerability open 12 articles

Siemens RUGGEDCOM APE1808 Devices

According to Siemens ProductCERT, a buffer overflow vulnerability in the User-ID Authentication Portal (Captive Portal) service of Palo Alto Networks PAN-OS software could allow an unauthenticated attacker to execute arbitrary code with root privileges on PA-Series and VM-Series firewalls by sending specially crafted packets. The following versions of…

May 6, 2026 May 19, 2026
incident open 2 articles

INTERPOL Operation Ramz Disrupts MENA Cybercrime Networks with 201 Arrests

INTERPOL has coordinated a first-of-its-kind cybercrime crackdown across the Middle East and North Africa that led to 201 arrests and the identification of an additional 382 suspects. The operation, run by 13 countries from October 2025 to February 2026, targeted phishing and malware infrastructure and aimed to prevent future losses while arresting…

May 18, 2026 May 18, 2026
vulnerability open 3 articles

CVE-2026-42945: NGINX Rewrite Bug Allows Remote Code Execution

CVE-2026-42945 is a heap memory corruption issue in NGINX’s rewrite module (ngx_http_rewrite_module) that can lead to a heap-based buffer overflow during rewrite processing. The vulnerability is remotely reachable over HTTP and can be triggered without authentication when specific rewrite-rule patterns are present, making internet-facing NGINX reverse…

May 14, 2026 May 14, 2026
breach open 2 articles

Gentlemen RaaS leak reveals 332 victims, internal chats exposed

According to Check Point Research, on 4 May 2026 The Gentlemen RaaS administrator acknowledged the leak of an internal Rocket backend database, which exposed operational details about infrastructure, affiliates and victims. The published material includes chats and data showing 9 accounts and 8 unique TOX IDs linked to the operation, with the administrator…

May 11, 2026 May 13, 2026
vulnerability open 2 articles

Critical Ollama Flaw (CVE-2026-7482) Lets Attackers Steal Memory

Cybersecurity researchers disclosed a critical out-of-bounds read vulnerability in Ollama, tracked as CVE-2026-7482 (CVSS score: 9.1), that could allow a remote, unauthenticated attacker to leak the entire Ollama process memory, potentially exposing environment variables, API keys, system prompts and user data. The flaw stems from Ollama’s use of the unsafe…

May 5, 2026 May 10, 2026
breach open 5 articles

RansomHouse claims it breached Trellix, leaks data on Tor

On 8 May 2026, RansomHouse claimed responsibility for the Trellix breach, adding the security firm to its Tor data leak site and publishing screenshots that allegedly show access to internal Trellix systems. The article notes that in early May Trellix disclosed unauthorized access to part of its source code repository and that the company began an…

May 2, 2026 May 8, 2026
vulnerability open 5 articles

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. The affected CVE is CVE-2026-42208, described as a BerriAI LiteLLM SQL Injection Vulnerability. This vulnerability is highlighted as a frequent attack vector used by malicious cyber actors and poses significant risks to the…

Apr 29, 2026 May 8, 2026
vulnerability open 2 articles

Student arrested for rail hack amid PamDOORa backdoor $900 sale

SecurityWeek’s In Other News round-up highlights a 23-year-old student detained in Taiwan for allegedly infiltrating the high-speed rail network and transmitting fake General Alarm signals, alongside the rise of PamDOORa, a PAM-based Linux backdoor marketed by a threat actor known as ‘darkworm’ that provides persistent SSH access while harvesting plaintext…

May 8, 2026 May 8, 2026
breach open 8 articles

DomainTools Investigations | Cybersecurity Reading List - Week of 2026-05-04

The Cybersecurity Reading List for the week of 2026-05-04 highlights a mix of official reports, agency guidance and research reflecting a broad threat landscape. Notable items include FBI/IC3 reporting a surge in cyber-enabled strategic cargo theft, and UK NCSC sharing fresh advice for defending against China-linked covert networks as PRC activity evolves.…

Apr 29, 2026 May 7, 2026
incident open 2 articles

Widely used Daemon Tools disk app backdoored in monthlong supply-chain attack

According to Kaspersky, Daemon Tools, a widely used app for mounting disk images, was backdoored in a monthlong supply-chain compromise that began on 8 April 2026 and remained active as of the time of reporting. Installers signed by the developer’s official certificate and downloaded from its website infected Daemon Tools executables, with the malware…

May 5, 2026 May 5, 2026
incident open 2 articles

MetInfo, Weaver E-cology Vulnerabilities in Attackers’ Crosshairs

Two critical-severity flaws are being exploited in MetInfo and Weaver E-cology to execute arbitrary code remotely without authentication. In MetInfo, tracked as CVE-2026-29014 with a CVSS of 9.8, the issue arises from an unauthenticated PHP code injection path that accepts user input and allows remote code execution. On Weaver E-cology, CVE-2026-22679…

May 5, 2026 May 5, 2026